similar to: cannot run logcheck

Package: logcheck-database Version: 1.2.54 Severity: normal Tags: patch Logcheck fails to ignore certain lines generated by OpenVPN; the attached patch fixes several regular expressions: * OpenVPN does not print the full path to ifconfig or route (at least here) * The interface name can also contain dots and does not always start with "tun" * The startup messages now gets suppressed

On Sat, 15 May 2004, CVS User ttroxell wrote: > if [ -f /etc/logcheck/header.txt ] ; then > - $CAT /etc/logcheck/header.txt >> $TMPDIR/report > + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ > + || error "Could not append header to $TMPDIR/report Disk full?" > fi > } > > @@ -152,7 +157,8 @@ > # Add a footer

# Automatically generated email from bts, devscripts version 2.10.35 # via tagpending # # logcheck (1.3) unstable; urgency=low # # * Formalise the dropping of violations.d/logcheck. Please see # /usr/share/doc/logcheck-database/NEWS.Debian.gz for more information # (closes: #471072). # * Add Auto-Submitted header to outgoing mails (closes: #489172). # * ignore.d.server/kernel: # -

Hi guys, now that violations.d/logcheck is empty, violations.ignore.d/logcheck-* are useless and many messages that were previously elevated and filtered there now turn up as system events. Thus, I went ahead and merged violations.ignore.d/logcheck-* into ignore.d.*/* in the viol-merge branch. http://git.debian.org/?p=logcheck/logcheck.git;a=shortlog;h=refs/heads/viol-merge Unless I hear

Package: logcheck-database Version: 1.2.39 Severity: wishlist Hi, I'd like to add the following rule to /etc/logcheck/violations.ignore.d/logcheck-postfix : ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: NOQUEUE: reject: RCPT from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]: 554 <[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]>:

I've installed logcheck on CentOS from source, as well as liblockfile and lockfile-progs. I've created a logcheck user with /var/lib/logcheck as the home and /sbin/nologin as the shell. logcheck user is in the adm group. I also customised the list of logfiles for CentOS. When I run logcheck, I get the following errors: # sudo -u logcheck logcheck -ot basename: invalid option -- - Try

Package: logcheck Version: 1.2.35 Severity: minor Current manual reads: EXAMPLES logcheck can be invoked directly thanks to su(8) or sudo(8), which change the user ID: logcheck -o -t Check the logfiles without updating the offset. Print everything to STDOUT I believe this shuold be formatted as: EXAMPLES logcheck can be invoked directly thanks

apt-get install svn-buildpackage cat <<_eof >> ~/.svn-buildpackage.conf svn-lintian svn-linda svn-move _eof mkdir logcheck; cd logcheck svn co svn+ssh://svn.debian.org/svn/logcheck/logcheck/trunk cd trunk svn-buildpackage -k<your key ID> -rfakeroot man svn-buildpackage for more. Nice, huh? -- .''`. martin f. krafft <madduck at debian.org> : :' :

Package: logcheck-database Version: 1.2.69 Severity: normal Tags: patch kernel log lines of the form: ...kernel: [1933150.816604] TCP: Treason uncloaked! Peer 0000:0000:0000:0000:0000:ffff:d04e:3f6b:4038/80 shrinks window 2491430013:2491430014. Repaired. are not caught by the current rules. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500,

Hi, I've got a few logcheck ignore.d rules that I'd like to submit, one example is sqlgrey. /usr/share/doc/logcheck/README.maintainer talks about shipping the rules inside the package itself, so I could file a request with sqlgrey. However, that doesn't work because of course I don't have all the packages I use on my network installed on my loghost. In fact, I believe that

Package: logcheck Version: 1.3.14 Severity: normal I added a local.rules file to ignore.d.server and then ran logcheck. The file was not used during the run. Renaming it to local-rules got the file used during the next run. Fix: periods should be allowed in filenames, or the fact that they are forbidden expressly documented inteh logcheck README. Thanks Nils -- System Information: Debian

Package: logcheck Version: 1.2.26 Severity: wishlist Please add ignore for Spamassasin's "check" messages like: Aug 16 19:27:54 ns spamd[23853]: checking message <20040816150710.86ADA708A8 at smtp-out.hotpop.com> for nobody:65534. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.4.26.20040601 Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL

# Automatically generated email from bts, devscripts version 2.10.18.1 # # logcheck (1.2.64) unstable; urgency=low # # * ignore.d.server/bind: # - moved "[bind] query $FOO denied" rule to violations.ignore.d # (closes: #443881). # - added bind's "AXFR ended" rule alongside "AXFR started" # (closes: #445046). # - added "adding an

Package: logcheck Version: 1.1.1-13.1woody1 Severity: important logcheck line 56 uses "TMPDIR=$(mktemp -d -p ..." but mktemp from woody doesn't accept -p option Cheers, Chris -- System Information Debian Release: 3.0 Kernel Version: Linux ethlife-a 2.4.26-vs1.27 #4 SMP Mit Apr 28 15:20:15 MEST 2004 i686 unknown Versions of the packages logcheck depends on: ii cron

Package: logcheck-database Version: 1.2.54 Severity: normal The included filters for cyrus (/etc/logcheck/ignore.d.server/cyrus) are very minimal. The cyrus-imapd-2.2 has a more extensive ruleset (there's a /etc/logcheck/ignore.d.server/cyrus2_2 file in that package). Please copy over the filters from cyrus-imapd-2.2. I'm running logcheck on a loghost, which doesn't run cyrus

# Automatically generated email from bts, devscripts version 2.10.30 # via tagpending # # logcheck (1.2.65) unstable; urgency=low # # * ignore.d.server/courier: # - update rules to include port information; thanks to Antoine Pardignon # (closes: #446310). # - ignore couriertcpd messages; thanks to Andrew Gallagher # (closes: #451118). # * ignore.d.server/smbd_audit: # -

Package: logcheck-database Version: 1.2.43a Severity: minor Since last weekend's upgrade of logcheck-database from 1.2.42 to 1.2.43a, logcheck stopped ignoring routine SpamAssassin messages of the form Feb 20 21:36:16 tux64 spamd[4665]: spamd: checking message <20060220190721.0E0B41C5207 at llwb563.servidoresdns.net> for amu:7286 Could you please edit the second pattern in

Package: Logcheck Version: 1.2.54 Distro: Debian Etch (stable) Kernel: 2.6.18-5-686 #1 SMP I'm trying to force logcheck (reportlevel=server) to ignore smbd_audit logs. smbd_audit is a vfs module of samba. It writes logs into /var/log/syslog file. Typical log looks like this: Oct 24 08:36:14 server4 smbd_audit: Documents|Johnson|192.168.50.19|unlink ok|Projects/doc1.pdf I've added the

# Automatically generated email from bts, devscripts version 2.10.30 # via tagpending # # logcheck (1.2.65) unstable; urgency=low # # * ignore.d.server/postfix: # - ignore connection messages for anonymous TLS connections; thanks to # Justin Larue (closes: #486440). # - ignore hostname verification due to DNS name not found; thanks to # Justin Larue (closes: #486440). # *

Package: logcheck-database Version: 1.2.63 Severity: wishlist Tags: patch The bad address syntax bounce message was previously logged by postfix/qmgr, but in the current version of Postfix in lenny is (at least sometimes) logged by postfix/error instead. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1,